微信登录
公众号登录
注:需要在公众平台设置网页授权域名
1、用户同意授权,获取code
url:https://open.weixin.qq.com/connect/oauth2/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect
redirect_uri:跳转回调
scope:
snsapi_base , 静默授权(不弹出授权页面,直接跳转,用户无感知,只能获取用户openid)
snsapi_userinfo (弹出授权页面,可通过openid拿到昵称、性别、所在地。并且, 即使在未关注的情况下,只要用户授权,也能获取其信息 )
备注:对于已关注公众号的用户,如果用户从公众号的会话或者自定义菜单进入本公众号的网页授权页,即使是scope为snsapi_userinfo,也是静默授权,用户无感知
2、code换取网页授权access_token
url:https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code
附:检验授权凭证(access_token)是否有效
https://api.weixin.qq.com/sns/auth?access_token=ACCESS_TOKEN&openid=OPENID
3、刷新access_token(如果需要)
access_token拥有较短的有效期,当access_token超时后,可以使用refresh_token进行刷新,refresh_token有效期为30天,当refresh_token失效之后,需要用户重新授权。
获取第二步的refresh_token后,可以刷新获取access_token
url:https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=APPID&grant_type=refresh_token&refresh_token=REFRESH_TOKEN
4、拉取用户信息
如果网页授权作用域为snsapi_userinfo,则此时开发者可以通过access_token和openid拉取用户信息
url:https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN
小程序登录
1、前端通过wx.login生成code传给后端
<view>
<button class='but' type="primary" open-type="getUserInfo" lang="zh_CN" bindgetuserinfo="getUserInfo">授权并登录</button>
</view>`
js部分
getUserInfo: function(userInfo){
wx.login({
success: function (res) {
if (res.code) {
userInfo.code = res.code;
wx.request({
url: 'http://test.com/login/xcx_login',
method: 'post',
dataType : 'json',
data: {
code: userInfo,
},
success: function (res) {
},
})
}
},
fail: function () {
},
})
},
getuserinfo返回值
{"gain":{
"userInfo":{
"type":"getuserinfo",
"timeStamp":"6648",
"target":{
"id":"",
"offsetLeft":"0",
"offsetTop":"0",
"dataset":[
]
},
"currentTarget":{
"id":"",
"offsetLeft":"0",
"offsetTop":"0",
"dataset":[
]
},
"mark":[
],
"detail":{
"errMsg":"getUserInfo:ok",
"rawData":"{\"nickName\":\"test\",\"gender\":1,\"language\":\"zh_CN\",\"city\":\"\",\"province\":\"\",\"country\":\"中国\",\"avatarUrl\":\"https://thirdwx.qlogo.cn/mmopen/vi_32/微信头像\"}",
"signature":"1c8136e3a1c69a661e5e8ad9a6886e87547af53b",
"encryptedData":"H5i9uxPw/6LXtbCTtejFcZHvaysvaY5GxkDC7onvgWoRDzYz6P4Ozf/MKnSmHsqmL9ZHZPdMSRMz1mmUHeln0cD0Df07xmqobmIjZjwz9QHnqPG/JVCOJb29mHLR4AfUVsjKsj2152AO9DJafB9DQBrj5ehyXjJpL1LWvcYokyKqfoNT1/Tk/YAHdHz11WF3IQCJ5daIL+T4UAekFrk84D8HzasyF/T5aefwDSbeCSPsTVxhQqrRt8UGV3HCGFq/c8YZJlUjzGIqRNmF8cdLHF6yCwYC+Wzd3Zt2MHwKy4f1IwsHqdAoAoKqozGpLfTkaQISKXXsD4vpcB/zb8ajnaFveBry/mPV+QtLlokCBOqVYzocezu/h+GQf/wxLdyqm8QriJrDYC2qevfQMTUVVih+3/dBtjeFmQKScOg5Nx5S0NlK4dpcw0+KimX4h9hTv98R8tFASRrBnZbtXmEc86FL5xm210fvxzBHowkNF5A=",
"iv":"pT9fc+OuIEyLzyhsz6GNsQ==",
"userInfo":{
"nickName":"test",
"gender":"1",
"language":"zh_CN",
"city":"",
"province":"",
"country":"中国",
"avatarUrl":"https://thirdwx.qlogo.cn/mmopen/vi_32/微信头像"
}
},
"mut":"",
"code":"0237Iq1w3DBrgV2fGB2w3b6W3L17Iq1v"
}
2、后端通过提交Appid+appSecret+code 到微信接口 获取 session_key & openid
url:https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code
小程序获取手机号
wxml+js
<view class="warrant" style="display:none;">
<button class='but' type="primary" open-type="getPhoneNumber" lang="zh_CN" bindgetphonenumber="getPhoneNumber">手机号授权</button>
</view>
//点击获取手机号码按钮
getPhoneNumber: function(e) {
console.log(e);
if(e.detail.errMsg == "getPhoneNumber:ok"){
wx.request({
url: "http://test.com/User/xcx_get_tel",
method: 'post',
dataType : 'json',
header:header,
data: {
encryptedData: e.detail.encryptedData,
iv: e.detail.iv,
sessionKey: sessionKey,
},
success: function (res) {
console.log(res);
}
})
}
}
PHP
通过sessionKey+appid+iv,解密显示明文
浙公网安备 33010602011771号